Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unbreak 'sudo' inside toolbox containers with Podman 2.0.5 #547

Merged
merged 2 commits into from
Aug 30, 2020
Merged

Unbreak 'sudo' inside toolbox containers with Podman 2.0.5 #547

merged 2 commits into from
Aug 30, 2020

Conversation

debarshiray
Copy link
Member

@debarshiray debarshiray commented Aug 30, 2020
edited
Loading

Since Podman 2.0.5, containers that were created with
podman create --userns=keep-id ... automatically get the user added
to /etc/passwd [1]. However, this user isn't as fully configured as it
needs to be. The home directory is specified as / and the shell is
/bin/sh.

Note that Podman doesn't add the user's login group to /etc/group [2].
This leads to the following error when entering the container:
/usr/bin/id: cannot find name for group ID 1000

Therefore, the entry point needs to call usermod(8) to update the user,
instead of using useradd(8) to create it.

[1] Podman commit 6c6670f12a3e6b91
containers/podman#6829

[2] containers/podman#7389

#523

@softwarefactory-project-zuul
Copy link

Build failed.

@softwarefactory-project-zuul
Copy link

Build failed.

@softwarefactory-project-zuul
Copy link

Build failed.

@debarshiray
cmd/initContainer: Split out the code to configure the user
59f4a79 
This will make the subsequent commit easier to read.

containers#523
@softwarefactory-project-zuul
Copy link

Build failed.

@debarshiray
Unbreak 'sudo' inside toolbox containers with Podman 2.0.5
9ea6fe5 
Since Podman 2.0.5, containers that were created with
'podman create --userns=keep-id ...' automatically get the user added
to /etc/passwd [1]. However, this user isn't as fully configured as it
needs to be. The home directory is specified as '/' and the shell is
/bin/sh.

Note that Podman doesn't add the user's login group to /etc/group [2].
This leads to the following error message when entering the container:
  /usr/bin/id: cannot find name for group ID 1000

It's expected that this will be fixed in Podman itself.

Therefore, the entry point needs to call usermod(8) to update the user,
instead of using useradd(8) to create it.

[1] Podman commit 6c6670f12a3e6b91
    containers/podman#6829

[2] containers/podman#7389

containers#523
@debarshiray debarshiray merged commit 9ea6fe5 into containers:master Aug 30, 2020
@debarshiray debarshiray deleted the wip/rishi/issue-523 branch August 30, 2020 22:47
@HarryMichal HarryMichal mentioned this pull request Sep 2, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@debarshiray